Symantec is out with its "Dirtiest Web Sites of Summer 2009," which it's calling "the worst of the worst" when it comes to malware threats.
The security vendor says that "48 percent of the Dirtiest Web Sites are, well, dirty--sites that feature adult content." That means that more than half the sites cover a wide range of other categories including legal services, catering, figure skating, and electronics shopping, according to the report.
On average, sites on the dirtiest list have 18,000 threats per site, but 40 of the sites have in excess of 20,000 threats. One site that appears to offer restaurant catering services has 23,414 computer threats
"The number of web attacks is off the charts because it's the easiest path into a consumer's machine" said Gerry Egan, Symantec's director of security response.
The Web, said Egan "has become the primary delivery vehicle for malware." One method for infection is "drive by downloads," which can exploit a vulnerability in your browser or operating system by "leveraging little security holes" and injecting code into your machine simply by virtue of your visiting the site. Another route to infections is social engineering where someone tricks a user into installing a malicious application that can masquerade as a plug-in to play media or even a fake security program that claims to help you find and remove malware. Instead it installs malware on your machine.
There are a number of dastardly payloads associated with the type of malware delivered through these sites including turning your machine into a "spambot" that sends junk e-mail to other people. Such programs can also hijack your computer to be part of a "botnet" to carry out attacks on other systems such as the recent denial-of-service attack that brought down Twitter earlier this month.
Symantec has identified these dirty sites as part of the ongoing analysis it does for its Norton Safe Web product. Safe Web includes a free Web site that anyone can use to see if a site is known to have malware. In addition, Symantec's security products now come with a plug-ins that works with a browser to look over your shoulder while you're surfing or searching to warn you before visiting a site known to contain malware.
TrendMicro Internet Security has a feature that warns you if you are about to visit a site that "may put your security at risk" and McAfee offers a service called McAfee Site Advisor that includes a free plug-in for Firefox and Internet Explorer that warns you about potentially dangerous sites that show up in search results.
Podcast: Larry speaks with Symantec's director of security response, Gerry Egan (8:43)
Listen now: Download today's podcast
Symantec's Kevin Haley says the malicious software responsible for attacking government and other sites in the U.S. and South Korea contains code that could turn against host PCs, erasing data and making the machines unbootable.
The attacks, which have been going on since July 4, have affected Web sites operated by several U.S. and South Korean government agencies including the U.S. Treasury Department and White House and the South Korean Ministry of Defense. Some company sites, including The Washington Post, have also been affected.
Like other distributed denial of service attacks, the actual PCs that are doing the attack are part of a "botnet." They have been infected with malicious software designed to carry out the attack. And, as CNET's Elinor Mills reported earlier, that same software could wipe out data on infected PCs.
Listen to Symantec's Kevin Haley discuss the risk:
Listen now: Download today's podcast
As a followup to my post from Tuesday about the ability for someone to view porn from within Bing, I just heard from a Symantec spokesperson that the company's Internet monitoring and filtering service, OnlineFamily.Norton (review), can't yet prevent Bing users from searching sexually explicit terms for Web sites or videos. The company plans to add Bing to its protected search engines in the next release. Other major search engines, including Google, are covered by the software's SafeSearch feature.
In the meantime, Symantec recommends that parents use OnlineFamily.Norton to block access to all of Bing--which isn't particularly good for Microsoft.
OnlineFamily is a free Windows and Mac application that can be used to block sites and monitor a child's online behavior. Unlike some Internet-monitoring programs, it doesn't operate in stealth mode so, if parents use that feature, kids know that their Web activities are being watched.
Because Bing plays videos within its own site and doesn't require the user to click through, checking the browser history or using monitoring programs like OnlineFamily would only show that they visited Bing.com, not what videos they watched from within the site.
- prev
- 1
- next
